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NEW ZEALAND 
Patents Act 1953 
PROVISIONAL SPECIFICATION 

Title; Modem 

We, YELLOWTUNA HOLDINGS LIMITED, 
Nationality: A New Zealand company 

Address: Unit 2.. 36 William Pickering Drive, Albany, Auckland, New Zealand, 
do hereby declare this mvention to be described in the following statement : 
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Mediated Internet Connection 

This invention relates to connecting to the internet via a data connection which connection is 
remotely configurable as to access permissions. 



Comiection of a users business to tiie internet for access by internal parties may be by ADSL 
(Asymmetric Digital Subscriber Line), Such a connection is typically via an ADSL modem 
and may include a router to route incoming data packets and a firewall to stop attempts to 
intiude into tiie users data. Typically the configuration of tiie router and firewall is done on 
site and will need to be changed on site to cater for variations over time in the users business. 
This involves a smaUer user in expense as it requires specialised IT persomiel to come on site 
to carry out the configuration. 

Connections for higher volume users also typically include routers and firewalls connected 
via a plurality of modems for internet access. Currenfly tiiese are mainly configured on site 
by the users skilled personnel. 



It is therefore an object of the present invention to provide an internet connection which does 
not require on site attendance for configuration of ixjuter or firewall or which will at least 
provide the public with a useful choice. 



20 Accordingly, the invention may broadly be said to consist in a router and/or firewall which is 
initially incapable of domg other than providing a connection to a remote configuration 
authority, which authority then has sufBcient access to the router and/or firewall to configure 
it to achieve any desired access. 

Preferably tiie router and/or firewall initiates a connection witii tiie remote configuration 
25 authority. 

Preferably the router and/or firewall is entirely solid state. 
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Preferably the router and/or firewall initially has no software other than that required to 
initiate a connection to the configuration authority and receive information &om that 
authority. 

Preferably the initial connection maintains a high level of security, typically using public key 
5 cryptography. 

Preferably flie router, firewall and at least one modem are integral. 

Preferably the remote configuration authority is able to request packet monitoring data firam 
the router and/or firewall. 

Preferably the equipment is adapted to various internet connection methods, such as ADSL 
10 or cable. 

The invention includes the method of configuring the equipment to allow only initiation of a 
call to only a desired authority and to then allow update only by the authority. 

The invention may also broadly be said to consist in the parts, elements and features referred 
to or mdicated in the specification of the ^pUcation, individually or collectively, and any or 
15 all combinations of any two or more of the parts, elements or features, and where specific 
integers are mentioned herein which have known equivalents, such equivalents are 
incorporated herein as if they were individually set forth. 

One preferred form of the invention will now be described with reference to the 
acconq>anying drawings in which, 

20 FIGURE 1 shows a block diagram of the equipment. 

FIGURE 2 shows a flow diagram of the initial mediation procedure which downloads to the 
equipment. 



With reference to Figure 1, the diagram shows an ADSL connection via a modem 10 to a 
firewall 20 and router 30 which distributes the data to devices such as PC's 40. The modem 
acts to convert packets fi-om the firewall into a form suitable for carrying information over 
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the internet The firewaU 20 acts to restrict what infonnation packets may be transferred into 
the user, system and the router 30 acts to distribute packets to an internal user in accordance 
with the packet address. 

Figure 2 show, how ftc equipm^, „„ ^ ^ ^^^^ ^^^^^^^^ 

on detecting one sends a particnhr d«a strewn to tte :«„ote configuration auflxority which 
drtects me identity of fl„ calling equipment, and hence the customers identity, the 
c,mpm«.ts stat^ and its desi^d state as required by the customer. TTre r«note 

auaonty then implements a procedure to securely update the equipment wifl. fl,e desired 
configuration changes and wiU, the software required to carry out the desin,d fimctions. 

10 In «=co,dance with me preset invention the modem. firewaU and router are provided as a 
smgle equipment item. This it«n is installed on the users premises, provided wid, a 
comrection u, the internet and pow^ „p. a, ^^^^^ j^,^^, ^^^^ 
equrpment identifies itself to the remote configuration authority, the only action it is capable 
of tdong. lire remote authority may then, in secure mode. d„™joad to the equipment such 
config^atron details and software as will aUow it to perfomr the desired r^uter/firewaU 
functions. 

Preferably the equipment configuration template is held by the remote authority, who may 
«flrer rnake changes in it or aUow the to make changes m it via secure interne, access 
Such changes may be downloaded to the equipment in the same mamrer a, ti,e mitial' 
20 configuration data. 

lie firewall and router may maintain the «,rmal statistics of packets passed, addresses sent 
to or received flom. intiusion attempts ete. and may, either on prompting or on schedule, 
sari these details to tte configuration authority for storage and possible analysis. 

-nnis it can be seen ti«, at leas, ate prefer^l „f u,e invention provides an item of 
eqmpmen. which can be remotely conflg™«i fer r<mter and/or firewall set up purposes. 
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